package cloud.xuxiaowei.passport.controller;

import cloud.xuxiaowei.utils.Response;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author xuxiaowei
 * @since 0.0.1
 */
@RestController
@RequestMapping("/test/authority")
public class AuthorityRestController {

	/**
	 * 拥有权限 A1 可以访问
	 */
	@RequestMapping("/a1")
	@PreAuthorize("hasAuthority('A1')")
	public Response<?> a1() {
		return Response.ok();
	}

	/**
	 * 拥有权限 A1、A2 或 A3 可以访问
	 */
	@RequestMapping("/a-any")
	@PreAuthorize("hasAnyAuthority('A1', 'A2', 'A3')")
	public Response<?> aAny() {
		return Response.ok();
	}

	/**
	 * 同时 拥有权限 A1 和 A2 才可以访问
	 */
	@RequestMapping("/a-and")
	@PreAuthorize("hasAuthority('A1') and hasAuthority('A2')")
	public Response<?> aAnd() {
		return Response.ok();
	}

}
